Specifications
Features
Firewall
• ICSA-certified Firewall
• Routing and transparent (bridge) mode
• Zone-based access control list
• Stateful packet inspection
• NAT, PAT
• Policy base NAT
• VLAN tagging
• User-aware policy enforcement
• SIP/H.323 NAT traversal
• ALG supports custom ports
Virtual Private Network (VPN)
• ICSA-certified IPSec VPN
• PPTP, L2TP, IPSec
• Algorithm: AES/3DES/DES
• Authentication: SHA-1/MD5
• Key management: Manual key/IKE
• Perfect forward secrecy (DH groups) support
1, 2, 5
• IPSec NAT traversal
• Dead peer detection/relay detection
• PKI (X.509) certificate support
• Centralize VPN support
• Simple wizard support
• Auto reconnect VPN
SSL VPN
• Clientless secure remote access
• Support reverse proxy mode and full tunnel
mode
• Unified policy enforcement
• Supports two-factor authentication
• Customizable user portal
Intrusion Detection and Prevention
(IDP)
• Routing and transparent (bridge) mode
• Zone-based IDP inspection
• Customizable protection profile
• Protect over 2000 attack
• Automatic signature updates
• Custom signatures
• Protocol anomaly detection and protection
• Traffic anomaly detection and protection
• Flooding detection and protection
• DoS/DDoS protection
Anti-Virus
• Support Kaspersky and ZyXEL Anti-Virus
• Stream-based Anti-Virus engine
• Zone base AV protection
• HTTP/FTP/SMTP/POP3/IMAP4 protocol support
• Automatic signature updates
• No file size limitation
• Blacklist/whitelist support
Application Patrol
• Application, IM/P2P, stream base media, VoIP
granular access control
• Detail access control of IM (chat, file transfer,
video)
• Application and IM/P2P bandwidth control
• User authentication support
• IM/P2P signature auto update
• Support more than 15 catalogs IM and P2P
• Real-Time statistical reports
• Maximum/guaranteed bandwidth
Anti-Spam
• Zone to zone protection
• Transparently intercept mail via SMTP/POP3
protocols
• Blacklist/whitelist support
• Support DNSBL checking
• Spam tag support
• Statistics report
High Availability
• Active-Passive mode
• Device failure detection and notification
• Support ICMP and TCP ping check
• Link monitoring
• Auto-Sync configurations
• VPN HA (redundant remote VPN gateways)
Content Filtering
• Web security—ZyXEL safe browsing
• URL blocking, keyword blocking
• Profile base setting
• Exempt list (blacklist and whitelist)
• Blocks java applet, cookies and active X
• Dynamic URL filtering database (powered by
BlueCoat)
• Unlimited user licenses support
• Customize warning messages and redirect URL
Networking
• Routing mode/bridge mode/mixed mode
• Layer 2 port grouping
• Ethernet/PPPoE
• Tagged VLAN (802.1Q)
• Virtual interface (alias interface)
• Policy-based routing (user-aware)
• Policy-based NAT (SNAT)
• Dynamic routing (RIP v1/v2, OSPF)
• DHCP client/server/relay
• Dynamic DNS support
• WAN Trunk more than 2 port
• Per host session limit
• Guaranteed bandwidth
• Maximum bandwidth
• Priority-bandwidth utilization
Authentication
• Local user database
• Microsoft Windows active directory integrate
• External LDAP/RADIUS user database
• Xauth over RADIUS for IPSec VPN
• Forced user authentication (transparent
authentication)
• IP/MAC address binding
System Management
• Role-Based administration
• Multiple administrator login
• Multi-Lingual web GUI (HTTPS/HTTP)
• Out-of-band management (AUX)
• Object-based configuration
• Command line interface (console/web
console/SSH/TELNET)
• SNMP v2c (MIB-II)
• System configuration rollback
• Firmware upgrade via FTP/FTP-TLS/web GUI
Logging/Monitoring
• Comprehensive local logging
• Syslog (send to up to 4 servers)
• E-mail Alert (send to up to 2 servers)
• Real-Time traffic monitoring
• Built-in daily report
• Advanced reporting (Vantage Report)
• Centralized network management Vantage
(CNM) manageable
Note: *1: With SEM-DUAL/SEM-VPN module
*2: With SEM-DUAL/SEM-UTM module
Enterprise Security
ZyWALL Unified Security
Gateway Series
(100/200/300/1000/2000 Series)
Enterprise Security
ZyWALL Unified Security
Gateway Series
(100/200/300/1000/2000 Series)
Unified Security Gateway Series
Model
ZyWALL USG 100
ZyWALL USG 200
ZyWALL USG 300
ZyWALL USG 1000
ZyWALL USG 2000
Product Photo
Features
• Unified Security
Gateway for SME
(200~500 PC Users)
• Gigabit Firewall with
Fiber interface (SFP)
• Scalable VPN/UTM
performance
• Support Kaspersky
and ZyXEL anti-virus
• Redundant power
module
• Unified Security
Gateway for SME
(75~200 PC Users)
• Providing Hybrid VPN
(IPSec/SSL VPN) and
robust UTM security
services
• High-performance
multi-layer threat
protection
• Non-stop operations
of mission-critical
applications
• Excellent
manageability with
object, text-based and
centralized
• Unified Security
Gateway for SME
(50~75 PC Users)
• Providing Hybrid VPN
(IPSec/SSL VPN) and
robust UTM security
services
• High-performance
multi-layer threat
protection
• User-aware policy
engine enables access
granularity
• Excellent
manageability with
object, text-based and
centralized
• Unified Security
Gateway for SME
(10~50 PC Users)
• High-performance
multi-layer threat
protection
• Hybrid VPN (IPSec, SSL
and L2TP) secures
connection
headquarters
• Support Kaspersky
and ZyXEL anti-virus
• Flexible OPT (option)
port (only for USG 200)
• Unified Security
Gateway for SME
(10~50 PC Users)
• High-performance
multi-layer threat
protection
• Hybrid VPN (IPSec, SSL
and L2TP) secures
connection
headquarters
• Support Kaspersky
and ZyXEL anti-virus
Hardware Specifications
10/100/1000 Interfaces
5 x LAN/DMZ, 2 x WAN
4 x LAN/DMZ, 2 x WAN,
7
5
6
(Copper)
(All GbE)
1 x OPT (All GbE)
DualPersonality GbE
-
-
-
-
2
(SFP/RJ45)
USB Ports
2
2
2
2
2
SEM Slot
-
-
-
-
1
(Security Extension Module)
Card Slot
1
1
1
1
1
System Performance
Firewall Throughput
100 Mbps
150 Mbps
200 Mbps
350 Mbps
2,000 Mbps
VPN Throughput (AES)
50 Mbps
75 Mbps
100 Mbps
150 Mbps
400 Mbps
AV Throughput
*1
40 Mbps
50 Mbps
70 Mbps
120 Mbps
400 Mbps
IDP Throughput
*2
50 Mbps
65 Mbps
75 Mbps
100 Mbps
400 Mbps
UTM Throughput
35 Mbps
45 Mbps
70 Mbps
100 Mbps
400 Mbps
(AV+IDP+Firewall)
*2
Unlimited User Licenses
Yes
Yes
Yes
Yes
Yes
Max Sessions
20,000
40,000
60,000
512,000
1,000,000
Max. Concurrent
50
100
200
1,000
2,000
IPSec VPN Tunnels
Max. Concurrent
5
10
25
250
750
SSL VPN Users
Customizable Zone
Yes
Yes
Yes
Yes
Yes
Power Requirement
Input Voltage
100 ~ 240 V,
100 ~ 240 V,
100 ~ 240 VAC
100 ~ 240 VAC,
100 ~ 240 V,
50 ~ 60 Hz, 1.2 A
50~ 60 Hz, 1.2 A
50/60 Hz, 0.55 ~ 0.3 A
50/60 Hz, 1 A Max
50 ~ 60 Hz, 3 ~ 6 A
Power Rating
20 W Max
20 W Max
35 W Max
80 W Max
200 W
Environmental Specifications
Operating Temperature
0
°
C ~ 50
°
C
0
°
C ~ 50
°
C
0
°
C ~ 50
°
C
0
°
C ~ 40
°
C
0
°
C ~ 40
°
C
Storage Temperature
-30
°
C ~ 60
°
C
-30
°
C ~ 60
°
C
-30
°
C ~ 60
°
C
-30
°
C ~ 60
°
C
-30
°
C ~ 60
°
C
Operating Humidity
5% ~ 90%
5% ~ 90%
20% ~ 90%
5% ~ 90%
5% ~ 90%
(non-condensing)
(non-condensing)
(non-condensing)
(non-condensing)
(non-condensing)
Physical Specifications
Dimensions
242 x 175 x 35.5
242 x 175 x 35.5
430 x 201 x 42
431 x 292 x 43.5
430 x 487 x 89
(W) x (D) x (H) mm
Weight, kg
1.2
1.2
2.8
4.7
10.5